package jee.boot.oauth.config.token;

import jee.boot.common.properties.PermitUrlProperties;
import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor;
import org.springframework.util.AntPathMatcher;

import javax.servlet.http.HttpServletRequest;

public class CustomTokenExtractor  extends BearerTokenExtractor {
    private PermitUrlProperties permitUrlProperties;
    private  AntPathMatcher matcher=new AntPathMatcher();
    public CustomTokenExtractor(PermitUrlProperties permitUrlProperties) {
        this.permitUrlProperties = permitUrlProperties;
    }

    /**
     * Extract the OAuth bearer token from a header.
     *
     * @param request The request.
     * @return The token, or null if no OAuth authorization header was supplied.
     */
    protected String extractHeaderToken(HttpServletRequest request) {
        String requestURI = request.getRequestURI();
        // 对白名单中的请求忽略token的认证
        for(String s: permitUrlProperties.getOauthUrls()){
            if(matcher.match(s,requestURI)){
                return null;
            }
        }
        // 对白名单中的请求忽略token的认证
        for(String s: permitUrlProperties.getHttpUrls()){
            if(matcher.match(s,requestURI)){
                return null;
            }
        }
        return super.extractHeaderToken(request);
    }
}
